1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/util/pkcs11f.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,905 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +/*
1.8 + * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
1.9 + * is granted provided that it is identified as "RSA Security In.c Public-Key
1.10 + * Cryptography Standards (PKCS)" in all material mentioning or referencing
1.11 + * this document.
1.12 + */
1.13 +/* This function contains pretty much everything about all the */
1.14 +/* PKCS #11 function prototypes. Because this information is */
1.15 +/* used for more than just declaring function prototypes, the */
1.16 +/* order of the functions appearing herein is important, and */
1.17 +/* should not be altered. */
1.18 +
1.19 +
1.20 +
1.21 +/* General-purpose */
1.22 +
1.23 +/* C_Initialize initializes the PKCS #11 library. */
1.24 +CK_PKCS11_FUNCTION_INFO(C_Initialize)
1.25 +#ifdef CK_NEED_ARG_LIST
1.26 +(
1.27 + CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
1.28 + * cast to CK_C_INITIALIZE_ARGS_PTR
1.29 + * and dereferenced */
1.30 +);
1.31 +#endif
1.32 +
1.33 +
1.34 +/* C_Finalize indicates that an application is done with the
1.35 + * PKCS #11 library. */
1.36 +CK_PKCS11_FUNCTION_INFO(C_Finalize)
1.37 +#ifdef CK_NEED_ARG_LIST
1.38 +(
1.39 + CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
1.40 +);
1.41 +#endif
1.42 +
1.43 +
1.44 +/* C_GetInfo returns general information about PKCS #11. */
1.45 +CK_PKCS11_FUNCTION_INFO(C_GetInfo)
1.46 +#ifdef CK_NEED_ARG_LIST
1.47 +(
1.48 + CK_INFO_PTR pInfo /* location that receives information */
1.49 +);
1.50 +#endif
1.51 +
1.52 +
1.53 +/* C_GetFunctionList returns the function list. */
1.54 +CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
1.55 +#ifdef CK_NEED_ARG_LIST
1.56 +(
1.57 + CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
1.58 + * function list */
1.59 +);
1.60 +#endif
1.61 +
1.62 +
1.63 +
1.64 +/* Slot and token management */
1.65 +
1.66 +/* C_GetSlotList obtains a list of slots in the system. */
1.67 +CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
1.68 +#ifdef CK_NEED_ARG_LIST
1.69 +(
1.70 + CK_BBOOL tokenPresent, /* only slots with tokens? */
1.71 + CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
1.72 + CK_ULONG_PTR pulCount /* receives number of slots */
1.73 +);
1.74 +#endif
1.75 +
1.76 +
1.77 +/* C_GetSlotInfo obtains information about a particular slot in
1.78 + * the system. */
1.79 +CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
1.80 +#ifdef CK_NEED_ARG_LIST
1.81 +(
1.82 + CK_SLOT_ID slotID, /* the ID of the slot */
1.83 + CK_SLOT_INFO_PTR pInfo /* receives the slot information */
1.84 +);
1.85 +#endif
1.86 +
1.87 +
1.88 +/* C_GetTokenInfo obtains information about a particular token
1.89 + * in the system. */
1.90 +CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
1.91 +#ifdef CK_NEED_ARG_LIST
1.92 +(
1.93 + CK_SLOT_ID slotID, /* ID of the token's slot */
1.94 + CK_TOKEN_INFO_PTR pInfo /* receives the token information */
1.95 +);
1.96 +#endif
1.97 +
1.98 +
1.99 +/* C_GetMechanismList obtains a list of mechanism types
1.100 + * supported by a token. */
1.101 +CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
1.102 +#ifdef CK_NEED_ARG_LIST
1.103 +(
1.104 + CK_SLOT_ID slotID, /* ID of token's slot */
1.105 + CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
1.106 + CK_ULONG_PTR pulCount /* gets # of mechs. */
1.107 +);
1.108 +#endif
1.109 +
1.110 +
1.111 +/* C_GetMechanismInfo obtains information about a particular
1.112 + * mechanism possibly supported by a token. */
1.113 +CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
1.114 +#ifdef CK_NEED_ARG_LIST
1.115 +(
1.116 + CK_SLOT_ID slotID, /* ID of the token's slot */
1.117 + CK_MECHANISM_TYPE type, /* type of mechanism */
1.118 + CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
1.119 +);
1.120 +#endif
1.121 +
1.122 +
1.123 +/* C_InitToken initializes a token. */
1.124 +CK_PKCS11_FUNCTION_INFO(C_InitToken)
1.125 +#ifdef CK_NEED_ARG_LIST
1.126 +/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
1.127 +(
1.128 + CK_SLOT_ID slotID, /* ID of the token's slot */
1.129 + CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
1.130 + CK_ULONG ulPinLen, /* length in bytes of the PIN */
1.131 + CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
1.132 +);
1.133 +#endif
1.134 +
1.135 +
1.136 +/* C_InitPIN initializes the normal user's PIN. */
1.137 +CK_PKCS11_FUNCTION_INFO(C_InitPIN)
1.138 +#ifdef CK_NEED_ARG_LIST
1.139 +(
1.140 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.141 + CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
1.142 + CK_ULONG ulPinLen /* length in bytes of the PIN */
1.143 +);
1.144 +#endif
1.145 +
1.146 +
1.147 +/* C_SetPIN modifies the PIN of the user who is logged in. */
1.148 +CK_PKCS11_FUNCTION_INFO(C_SetPIN)
1.149 +#ifdef CK_NEED_ARG_LIST
1.150 +(
1.151 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.152 + CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
1.153 + CK_ULONG ulOldLen, /* length of the old PIN */
1.154 + CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
1.155 + CK_ULONG ulNewLen /* length of the new PIN */
1.156 +);
1.157 +#endif
1.158 +
1.159 +
1.160 +
1.161 +/* Session management */
1.162 +
1.163 +/* C_OpenSession opens a session between an application and a
1.164 + * token. */
1.165 +CK_PKCS11_FUNCTION_INFO(C_OpenSession)
1.166 +#ifdef CK_NEED_ARG_LIST
1.167 +(
1.168 + CK_SLOT_ID slotID, /* the slot's ID */
1.169 + CK_FLAGS flags, /* from CK_SESSION_INFO */
1.170 + CK_VOID_PTR pApplication, /* passed to callback */
1.171 + CK_NOTIFY Notify, /* callback function */
1.172 + CK_SESSION_HANDLE_PTR phSession /* gets session handle */
1.173 +);
1.174 +#endif
1.175 +
1.176 +
1.177 +/* C_CloseSession closes a session between an application and a
1.178 + * token. */
1.179 +CK_PKCS11_FUNCTION_INFO(C_CloseSession)
1.180 +#ifdef CK_NEED_ARG_LIST
1.181 +(
1.182 + CK_SESSION_HANDLE hSession /* the session's handle */
1.183 +);
1.184 +#endif
1.185 +
1.186 +
1.187 +/* C_CloseAllSessions closes all sessions with a token. */
1.188 +CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
1.189 +#ifdef CK_NEED_ARG_LIST
1.190 +(
1.191 + CK_SLOT_ID slotID /* the token's slot */
1.192 +);
1.193 +#endif
1.194 +
1.195 +
1.196 +/* C_GetSessionInfo obtains information about the session. */
1.197 +CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
1.198 +#ifdef CK_NEED_ARG_LIST
1.199 +(
1.200 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.201 + CK_SESSION_INFO_PTR pInfo /* receives session info */
1.202 +);
1.203 +#endif
1.204 +
1.205 +
1.206 +/* C_GetOperationState obtains the state of the cryptographic operation
1.207 + * in a session. */
1.208 +CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
1.209 +#ifdef CK_NEED_ARG_LIST
1.210 +(
1.211 + CK_SESSION_HANDLE hSession, /* session's handle */
1.212 + CK_BYTE_PTR pOperationState, /* gets state */
1.213 + CK_ULONG_PTR pulOperationStateLen /* gets state length */
1.214 +);
1.215 +#endif
1.216 +
1.217 +
1.218 +/* C_SetOperationState restores the state of the cryptographic
1.219 + * operation in a session. */
1.220 +CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
1.221 +#ifdef CK_NEED_ARG_LIST
1.222 +(
1.223 + CK_SESSION_HANDLE hSession, /* session's handle */
1.224 + CK_BYTE_PTR pOperationState, /* holds state */
1.225 + CK_ULONG ulOperationStateLen, /* holds state length */
1.226 + CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
1.227 + CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
1.228 +);
1.229 +#endif
1.230 +
1.231 +
1.232 +/* C_Login logs a user into a token. */
1.233 +CK_PKCS11_FUNCTION_INFO(C_Login)
1.234 +#ifdef CK_NEED_ARG_LIST
1.235 +(
1.236 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.237 + CK_USER_TYPE userType, /* the user type */
1.238 + CK_UTF8CHAR_PTR pPin, /* the user's PIN */
1.239 + CK_ULONG ulPinLen /* the length of the PIN */
1.240 +);
1.241 +#endif
1.242 +
1.243 +
1.244 +/* C_Logout logs a user out from a token. */
1.245 +CK_PKCS11_FUNCTION_INFO(C_Logout)
1.246 +#ifdef CK_NEED_ARG_LIST
1.247 +(
1.248 + CK_SESSION_HANDLE hSession /* the session's handle */
1.249 +);
1.250 +#endif
1.251 +
1.252 +
1.253 +
1.254 +/* Object management */
1.255 +
1.256 +/* C_CreateObject creates a new object. */
1.257 +CK_PKCS11_FUNCTION_INFO(C_CreateObject)
1.258 +#ifdef CK_NEED_ARG_LIST
1.259 +(
1.260 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.261 + CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
1.262 + CK_ULONG ulCount, /* attributes in template */
1.263 + CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
1.264 +);
1.265 +#endif
1.266 +
1.267 +
1.268 +/* C_CopyObject copies an object, creating a new object for the
1.269 + * copy. */
1.270 +CK_PKCS11_FUNCTION_INFO(C_CopyObject)
1.271 +#ifdef CK_NEED_ARG_LIST
1.272 +(
1.273 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.274 + CK_OBJECT_HANDLE hObject, /* the object's handle */
1.275 + CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
1.276 + CK_ULONG ulCount, /* attributes in template */
1.277 + CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
1.278 +);
1.279 +#endif
1.280 +
1.281 +
1.282 +/* C_DestroyObject destroys an object. */
1.283 +CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
1.284 +#ifdef CK_NEED_ARG_LIST
1.285 +(
1.286 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.287 + CK_OBJECT_HANDLE hObject /* the object's handle */
1.288 +);
1.289 +#endif
1.290 +
1.291 +
1.292 +/* C_GetObjectSize gets the size of an object in bytes. */
1.293 +CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
1.294 +#ifdef CK_NEED_ARG_LIST
1.295 +(
1.296 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.297 + CK_OBJECT_HANDLE hObject, /* the object's handle */
1.298 + CK_ULONG_PTR pulSize /* receives size of object */
1.299 +);
1.300 +#endif
1.301 +
1.302 +
1.303 +/* C_GetAttributeValue obtains the value of one or more object
1.304 + * attributes. */
1.305 +CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
1.306 +#ifdef CK_NEED_ARG_LIST
1.307 +(
1.308 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.309 + CK_OBJECT_HANDLE hObject, /* the object's handle */
1.310 + CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
1.311 + CK_ULONG ulCount /* attributes in template */
1.312 +);
1.313 +#endif
1.314 +
1.315 +
1.316 +/* C_SetAttributeValue modifies the value of one or more object
1.317 + * attributes */
1.318 +CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
1.319 +#ifdef CK_NEED_ARG_LIST
1.320 +(
1.321 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.322 + CK_OBJECT_HANDLE hObject, /* the object's handle */
1.323 + CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
1.324 + CK_ULONG ulCount /* attributes in template */
1.325 +);
1.326 +#endif
1.327 +
1.328 +
1.329 +/* C_FindObjectsInit initializes a search for token and session
1.330 + * objects that match a template. */
1.331 +CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
1.332 +#ifdef CK_NEED_ARG_LIST
1.333 +(
1.334 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.335 + CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
1.336 + CK_ULONG ulCount /* attrs in search template */
1.337 +);
1.338 +#endif
1.339 +
1.340 +
1.341 +/* C_FindObjects continues a search for token and session
1.342 + * objects that match a template, obtaining additional object
1.343 + * handles. */
1.344 +CK_PKCS11_FUNCTION_INFO(C_FindObjects)
1.345 +#ifdef CK_NEED_ARG_LIST
1.346 +(
1.347 + CK_SESSION_HANDLE hSession, /* session's handle */
1.348 + CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
1.349 + CK_ULONG ulMaxObjectCount, /* max handles to get */
1.350 + CK_ULONG_PTR pulObjectCount /* actual # returned */
1.351 +);
1.352 +#endif
1.353 +
1.354 +
1.355 +/* C_FindObjectsFinal finishes a search for token and session
1.356 + * objects. */
1.357 +CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
1.358 +#ifdef CK_NEED_ARG_LIST
1.359 +(
1.360 + CK_SESSION_HANDLE hSession /* the session's handle */
1.361 +);
1.362 +#endif
1.363 +
1.364 +
1.365 +
1.366 +/* Encryption and decryption */
1.367 +
1.368 +/* C_EncryptInit initializes an encryption operation. */
1.369 +CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
1.370 +#ifdef CK_NEED_ARG_LIST
1.371 +(
1.372 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.373 + CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
1.374 + CK_OBJECT_HANDLE hKey /* handle of encryption key */
1.375 +);
1.376 +#endif
1.377 +
1.378 +
1.379 +/* C_Encrypt encrypts single-part data. */
1.380 +CK_PKCS11_FUNCTION_INFO(C_Encrypt)
1.381 +#ifdef CK_NEED_ARG_LIST
1.382 +(
1.383 + CK_SESSION_HANDLE hSession, /* session's handle */
1.384 + CK_BYTE_PTR pData, /* the plaintext data */
1.385 + CK_ULONG ulDataLen, /* bytes of plaintext */
1.386 + CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
1.387 + CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
1.388 +);
1.389 +#endif
1.390 +
1.391 +
1.392 +/* C_EncryptUpdate continues a multiple-part encryption
1.393 + * operation. */
1.394 +CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
1.395 +#ifdef CK_NEED_ARG_LIST
1.396 +(
1.397 + CK_SESSION_HANDLE hSession, /* session's handle */
1.398 + CK_BYTE_PTR pPart, /* the plaintext data */
1.399 + CK_ULONG ulPartLen, /* plaintext data len */
1.400 + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
1.401 + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
1.402 +);
1.403 +#endif
1.404 +
1.405 +
1.406 +/* C_EncryptFinal finishes a multiple-part encryption
1.407 + * operation. */
1.408 +CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
1.409 +#ifdef CK_NEED_ARG_LIST
1.410 +(
1.411 + CK_SESSION_HANDLE hSession, /* session handle */
1.412 + CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
1.413 + CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
1.414 +);
1.415 +#endif
1.416 +
1.417 +
1.418 +/* C_DecryptInit initializes a decryption operation. */
1.419 +CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
1.420 +#ifdef CK_NEED_ARG_LIST
1.421 +(
1.422 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.423 + CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
1.424 + CK_OBJECT_HANDLE hKey /* handle of decryption key */
1.425 +);
1.426 +#endif
1.427 +
1.428 +
1.429 +/* C_Decrypt decrypts encrypted data in a single part. */
1.430 +CK_PKCS11_FUNCTION_INFO(C_Decrypt)
1.431 +#ifdef CK_NEED_ARG_LIST
1.432 +(
1.433 + CK_SESSION_HANDLE hSession, /* session's handle */
1.434 + CK_BYTE_PTR pEncryptedData, /* ciphertext */
1.435 + CK_ULONG ulEncryptedDataLen, /* ciphertext length */
1.436 + CK_BYTE_PTR pData, /* gets plaintext */
1.437 + CK_ULONG_PTR pulDataLen /* gets p-text size */
1.438 +);
1.439 +#endif
1.440 +
1.441 +
1.442 +/* C_DecryptUpdate continues a multiple-part decryption
1.443 + * operation. */
1.444 +CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
1.445 +#ifdef CK_NEED_ARG_LIST
1.446 +(
1.447 + CK_SESSION_HANDLE hSession, /* session's handle */
1.448 + CK_BYTE_PTR pEncryptedPart, /* encrypted data */
1.449 + CK_ULONG ulEncryptedPartLen, /* input length */
1.450 + CK_BYTE_PTR pPart, /* gets plaintext */
1.451 + CK_ULONG_PTR pulPartLen /* p-text size */
1.452 +);
1.453 +#endif
1.454 +
1.455 +
1.456 +/* C_DecryptFinal finishes a multiple-part decryption
1.457 + * operation. */
1.458 +CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
1.459 +#ifdef CK_NEED_ARG_LIST
1.460 +(
1.461 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.462 + CK_BYTE_PTR pLastPart, /* gets plaintext */
1.463 + CK_ULONG_PTR pulLastPartLen /* p-text size */
1.464 +);
1.465 +#endif
1.466 +
1.467 +
1.468 +
1.469 +/* Message digesting */
1.470 +
1.471 +/* C_DigestInit initializes a message-digesting operation. */
1.472 +CK_PKCS11_FUNCTION_INFO(C_DigestInit)
1.473 +#ifdef CK_NEED_ARG_LIST
1.474 +(
1.475 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.476 + CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
1.477 +);
1.478 +#endif
1.479 +
1.480 +
1.481 +/* C_Digest digests data in a single part. */
1.482 +CK_PKCS11_FUNCTION_INFO(C_Digest)
1.483 +#ifdef CK_NEED_ARG_LIST
1.484 +(
1.485 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.486 + CK_BYTE_PTR pData, /* data to be digested */
1.487 + CK_ULONG ulDataLen, /* bytes of data to digest */
1.488 + CK_BYTE_PTR pDigest, /* gets the message digest */
1.489 + CK_ULONG_PTR pulDigestLen /* gets digest length */
1.490 +);
1.491 +#endif
1.492 +
1.493 +
1.494 +/* C_DigestUpdate continues a multiple-part message-digesting
1.495 + * operation. */
1.496 +CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
1.497 +#ifdef CK_NEED_ARG_LIST
1.498 +(
1.499 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.500 + CK_BYTE_PTR pPart, /* data to be digested */
1.501 + CK_ULONG ulPartLen /* bytes of data to be digested */
1.502 +);
1.503 +#endif
1.504 +
1.505 +
1.506 +/* C_DigestKey continues a multi-part message-digesting
1.507 + * operation, by digesting the value of a secret key as part of
1.508 + * the data already digested. */
1.509 +CK_PKCS11_FUNCTION_INFO(C_DigestKey)
1.510 +#ifdef CK_NEED_ARG_LIST
1.511 +(
1.512 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.513 + CK_OBJECT_HANDLE hKey /* secret key to digest */
1.514 +);
1.515 +#endif
1.516 +
1.517 +
1.518 +/* C_DigestFinal finishes a multiple-part message-digesting
1.519 + * operation. */
1.520 +CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
1.521 +#ifdef CK_NEED_ARG_LIST
1.522 +(
1.523 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.524 + CK_BYTE_PTR pDigest, /* gets the message digest */
1.525 + CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
1.526 +);
1.527 +#endif
1.528 +
1.529 +
1.530 +
1.531 +/* Signing and MACing */
1.532 +
1.533 +/* C_SignInit initializes a signature (private key encryption)
1.534 + * operation, where the signature is (will be) an appendix to
1.535 + * the data, and plaintext cannot be recovered from the
1.536 + *signature. */
1.537 +CK_PKCS11_FUNCTION_INFO(C_SignInit)
1.538 +#ifdef CK_NEED_ARG_LIST
1.539 +(
1.540 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.541 + CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
1.542 + CK_OBJECT_HANDLE hKey /* handle of signature key */
1.543 +);
1.544 +#endif
1.545 +
1.546 +
1.547 +/* C_Sign signs (encrypts with private key) data in a single
1.548 + * part, where the signature is (will be) an appendix to the
1.549 + * data, and plaintext cannot be recovered from the signature. */
1.550 +CK_PKCS11_FUNCTION_INFO(C_Sign)
1.551 +#ifdef CK_NEED_ARG_LIST
1.552 +(
1.553 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.554 + CK_BYTE_PTR pData, /* the data to sign */
1.555 + CK_ULONG ulDataLen, /* count of bytes to sign */
1.556 + CK_BYTE_PTR pSignature, /* gets the signature */
1.557 + CK_ULONG_PTR pulSignatureLen /* gets signature length */
1.558 +);
1.559 +#endif
1.560 +
1.561 +
1.562 +/* C_SignUpdate continues a multiple-part signature operation,
1.563 + * where the signature is (will be) an appendix to the data,
1.564 + * and plaintext cannot be recovered from the signature. */
1.565 +CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
1.566 +#ifdef CK_NEED_ARG_LIST
1.567 +(
1.568 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.569 + CK_BYTE_PTR pPart, /* the data to sign */
1.570 + CK_ULONG ulPartLen /* count of bytes to sign */
1.571 +);
1.572 +#endif
1.573 +
1.574 +
1.575 +/* C_SignFinal finishes a multiple-part signature operation,
1.576 + * returning the signature. */
1.577 +CK_PKCS11_FUNCTION_INFO(C_SignFinal)
1.578 +#ifdef CK_NEED_ARG_LIST
1.579 +(
1.580 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.581 + CK_BYTE_PTR pSignature, /* gets the signature */
1.582 + CK_ULONG_PTR pulSignatureLen /* gets signature length */
1.583 +);
1.584 +#endif
1.585 +
1.586 +
1.587 +/* C_SignRecoverInit initializes a signature operation, where
1.588 + * the data can be recovered from the signature. */
1.589 +CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
1.590 +#ifdef CK_NEED_ARG_LIST
1.591 +(
1.592 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.593 + CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
1.594 + CK_OBJECT_HANDLE hKey /* handle of the signature key */
1.595 +);
1.596 +#endif
1.597 +
1.598 +
1.599 +/* C_SignRecover signs data in a single operation, where the
1.600 + * data can be recovered from the signature. */
1.601 +CK_PKCS11_FUNCTION_INFO(C_SignRecover)
1.602 +#ifdef CK_NEED_ARG_LIST
1.603 +(
1.604 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.605 + CK_BYTE_PTR pData, /* the data to sign */
1.606 + CK_ULONG ulDataLen, /* count of bytes to sign */
1.607 + CK_BYTE_PTR pSignature, /* gets the signature */
1.608 + CK_ULONG_PTR pulSignatureLen /* gets signature length */
1.609 +);
1.610 +#endif
1.611 +
1.612 +
1.613 +
1.614 +/* Verifying signatures and MACs */
1.615 +
1.616 +/* C_VerifyInit initializes a verification operation, where the
1.617 + * signature is an appendix to the data, and plaintext cannot
1.618 + * cannot be recovered from the signature (e.g. DSA). */
1.619 +CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
1.620 +#ifdef CK_NEED_ARG_LIST
1.621 +(
1.622 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.623 + CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
1.624 + CK_OBJECT_HANDLE hKey /* verification key */
1.625 +);
1.626 +#endif
1.627 +
1.628 +
1.629 +/* C_Verify verifies a signature in a single-part operation,
1.630 + * where the signature is an appendix to the data, and plaintext
1.631 + * cannot be recovered from the signature. */
1.632 +CK_PKCS11_FUNCTION_INFO(C_Verify)
1.633 +#ifdef CK_NEED_ARG_LIST
1.634 +(
1.635 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.636 + CK_BYTE_PTR pData, /* signed data */
1.637 + CK_ULONG ulDataLen, /* length of signed data */
1.638 + CK_BYTE_PTR pSignature, /* signature */
1.639 + CK_ULONG ulSignatureLen /* signature length*/
1.640 +);
1.641 +#endif
1.642 +
1.643 +
1.644 +/* C_VerifyUpdate continues a multiple-part verification
1.645 + * operation, where the signature is an appendix to the data,
1.646 + * and plaintext cannot be recovered from the signature. */
1.647 +CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
1.648 +#ifdef CK_NEED_ARG_LIST
1.649 +(
1.650 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.651 + CK_BYTE_PTR pPart, /* signed data */
1.652 + CK_ULONG ulPartLen /* length of signed data */
1.653 +);
1.654 +#endif
1.655 +
1.656 +
1.657 +/* C_VerifyFinal finishes a multiple-part verification
1.658 + * operation, checking the signature. */
1.659 +CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
1.660 +#ifdef CK_NEED_ARG_LIST
1.661 +(
1.662 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.663 + CK_BYTE_PTR pSignature, /* signature to verify */
1.664 + CK_ULONG ulSignatureLen /* signature length */
1.665 +);
1.666 +#endif
1.667 +
1.668 +
1.669 +/* C_VerifyRecoverInit initializes a signature verification
1.670 + * operation, where the data is recovered from the signature. */
1.671 +CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
1.672 +#ifdef CK_NEED_ARG_LIST
1.673 +(
1.674 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.675 + CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
1.676 + CK_OBJECT_HANDLE hKey /* verification key */
1.677 +);
1.678 +#endif
1.679 +
1.680 +
1.681 +/* C_VerifyRecover verifies a signature in a single-part
1.682 + * operation, where the data is recovered from the signature. */
1.683 +CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
1.684 +#ifdef CK_NEED_ARG_LIST
1.685 +(
1.686 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.687 + CK_BYTE_PTR pSignature, /* signature to verify */
1.688 + CK_ULONG ulSignatureLen, /* signature length */
1.689 + CK_BYTE_PTR pData, /* gets signed data */
1.690 + CK_ULONG_PTR pulDataLen /* gets signed data len */
1.691 +);
1.692 +#endif
1.693 +
1.694 +
1.695 +
1.696 +/* Dual-function cryptographic operations */
1.697 +
1.698 +/* C_DigestEncryptUpdate continues a multiple-part digesting
1.699 + * and encryption operation. */
1.700 +CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
1.701 +#ifdef CK_NEED_ARG_LIST
1.702 +(
1.703 + CK_SESSION_HANDLE hSession, /* session's handle */
1.704 + CK_BYTE_PTR pPart, /* the plaintext data */
1.705 + CK_ULONG ulPartLen, /* plaintext length */
1.706 + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
1.707 + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
1.708 +);
1.709 +#endif
1.710 +
1.711 +
1.712 +/* C_DecryptDigestUpdate continues a multiple-part decryption and
1.713 + * digesting operation. */
1.714 +CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
1.715 +#ifdef CK_NEED_ARG_LIST
1.716 +(
1.717 + CK_SESSION_HANDLE hSession, /* session's handle */
1.718 + CK_BYTE_PTR pEncryptedPart, /* ciphertext */
1.719 + CK_ULONG ulEncryptedPartLen, /* ciphertext length */
1.720 + CK_BYTE_PTR pPart, /* gets plaintext */
1.721 + CK_ULONG_PTR pulPartLen /* gets plaintext len */
1.722 +);
1.723 +#endif
1.724 +
1.725 +
1.726 +/* C_SignEncryptUpdate continues a multiple-part signing and
1.727 + * encryption operation. */
1.728 +CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
1.729 +#ifdef CK_NEED_ARG_LIST
1.730 +(
1.731 + CK_SESSION_HANDLE hSession, /* session's handle */
1.732 + CK_BYTE_PTR pPart, /* the plaintext data */
1.733 + CK_ULONG ulPartLen, /* plaintext length */
1.734 + CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
1.735 + CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
1.736 +);
1.737 +#endif
1.738 +
1.739 +
1.740 +/* C_DecryptVerifyUpdate continues a multiple-part decryption and
1.741 + * verify operation. */
1.742 +CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
1.743 +#ifdef CK_NEED_ARG_LIST
1.744 +(
1.745 + CK_SESSION_HANDLE hSession, /* session's handle */
1.746 + CK_BYTE_PTR pEncryptedPart, /* ciphertext */
1.747 + CK_ULONG ulEncryptedPartLen, /* ciphertext length */
1.748 + CK_BYTE_PTR pPart, /* gets plaintext */
1.749 + CK_ULONG_PTR pulPartLen /* gets p-text length */
1.750 +);
1.751 +#endif
1.752 +
1.753 +
1.754 +
1.755 +/* Key management */
1.756 +
1.757 +/* C_GenerateKey generates a secret key, creating a new key
1.758 + * object. */
1.759 +CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
1.760 +#ifdef CK_NEED_ARG_LIST
1.761 +(
1.762 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.763 + CK_MECHANISM_PTR pMechanism, /* key generation mech. */
1.764 + CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
1.765 + CK_ULONG ulCount, /* # of attrs in template */
1.766 + CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
1.767 +);
1.768 +#endif
1.769 +
1.770 +
1.771 +/* C_GenerateKeyPair generates a public-key/private-key pair,
1.772 + * creating new key objects. */
1.773 +CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
1.774 +#ifdef CK_NEED_ARG_LIST
1.775 +(
1.776 + CK_SESSION_HANDLE hSession, /* session
1.777 + * handle */
1.778 + CK_MECHANISM_PTR pMechanism, /* key-gen
1.779 + * mech. */
1.780 + CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
1.781 + * for pub.
1.782 + * key */
1.783 + CK_ULONG ulPublicKeyAttributeCount, /* # pub.
1.784 + * attrs. */
1.785 + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
1.786 + * for priv.
1.787 + * key */
1.788 + CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
1.789 + * attrs. */
1.790 + CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
1.791 + * key
1.792 + * handle */
1.793 + CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
1.794 + * priv. key
1.795 + * handle */
1.796 +);
1.797 +#endif
1.798 +
1.799 +
1.800 +/* C_WrapKey wraps (i.e., encrypts) a key. */
1.801 +CK_PKCS11_FUNCTION_INFO(C_WrapKey)
1.802 +#ifdef CK_NEED_ARG_LIST
1.803 +(
1.804 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.805 + CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
1.806 + CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
1.807 + CK_OBJECT_HANDLE hKey, /* key to be wrapped */
1.808 + CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
1.809 + CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
1.810 +);
1.811 +#endif
1.812 +
1.813 +
1.814 +/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
1.815 + * key object. */
1.816 +CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
1.817 +#ifdef CK_NEED_ARG_LIST
1.818 +(
1.819 + CK_SESSION_HANDLE hSession, /* session's handle */
1.820 + CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
1.821 + CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
1.822 + CK_BYTE_PTR pWrappedKey, /* the wrapped key */
1.823 + CK_ULONG ulWrappedKeyLen, /* wrapped key len */
1.824 + CK_ATTRIBUTE_PTR pTemplate, /* new key template */
1.825 + CK_ULONG ulAttributeCount, /* template length */
1.826 + CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
1.827 +);
1.828 +#endif
1.829 +
1.830 +
1.831 +/* C_DeriveKey derives a key from a base key, creating a new key
1.832 + * object. */
1.833 +CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
1.834 +#ifdef CK_NEED_ARG_LIST
1.835 +(
1.836 + CK_SESSION_HANDLE hSession, /* session's handle */
1.837 + CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
1.838 + CK_OBJECT_HANDLE hBaseKey, /* base key */
1.839 + CK_ATTRIBUTE_PTR pTemplate, /* new key template */
1.840 + CK_ULONG ulAttributeCount, /* template length */
1.841 + CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
1.842 +);
1.843 +#endif
1.844 +
1.845 +
1.846 +
1.847 +/* Random number generation */
1.848 +
1.849 +/* C_SeedRandom mixes additional seed material into the token's
1.850 + * random number generator. */
1.851 +CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
1.852 +#ifdef CK_NEED_ARG_LIST
1.853 +(
1.854 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.855 + CK_BYTE_PTR pSeed, /* the seed material */
1.856 + CK_ULONG ulSeedLen /* length of seed material */
1.857 +);
1.858 +#endif
1.859 +
1.860 +
1.861 +/* C_GenerateRandom generates random data. */
1.862 +CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
1.863 +#ifdef CK_NEED_ARG_LIST
1.864 +(
1.865 + CK_SESSION_HANDLE hSession, /* the session's handle */
1.866 + CK_BYTE_PTR RandomData, /* receives the random data */
1.867 + CK_ULONG ulRandomLen /* # of bytes to generate */
1.868 +);
1.869 +#endif
1.870 +
1.871 +
1.872 +
1.873 +/* Parallel function management */
1.874 +
1.875 +/* C_GetFunctionStatus is a legacy function; it obtains an
1.876 + * updated status of a function running in parallel with an
1.877 + * application. */
1.878 +CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
1.879 +#ifdef CK_NEED_ARG_LIST
1.880 +(
1.881 + CK_SESSION_HANDLE hSession /* the session's handle */
1.882 +);
1.883 +#endif
1.884 +
1.885 +
1.886 +/* C_CancelFunction is a legacy function; it cancels a function
1.887 + * running in parallel. */
1.888 +CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
1.889 +#ifdef CK_NEED_ARG_LIST
1.890 +(
1.891 + CK_SESSION_HANDLE hSession /* the session's handle */
1.892 +);
1.893 +#endif
1.894 +
1.895 +
1.896 +
1.897 +/* Functions added in for PKCS #11 Version 2.01 or later */
1.898 +
1.899 +/* C_WaitForSlotEvent waits for a slot event (token insertion,
1.900 + * removal, etc.) to occur. */
1.901 +CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
1.902 +#ifdef CK_NEED_ARG_LIST
1.903 +(
1.904 + CK_FLAGS flags, /* blocking/nonblocking flag */
1.905 + CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
1.906 + CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
1.907 +);
1.908 +#endif
